How to Filter Prefixes with Distribute-list

Prefixes that are advertised by routing protocols like OSPF, EIGRP or RIP can be filtered. One way of doing this is by using a distribute-list. In this lesson I’ll give you an example of how to filter certain prefixes with a distribute-list.

Filtering can occur inbound or outbound. If you have an inbound route filter we will first check if the network is permitted or not before we will accept it. Let’s take a look at a network topology so I can give you a demonstration:

R1 and R2 are connected to each other and running EIGRP. On R2 I have added a couple of loopback interfaces with prefixes that we will advertise in EIGRP. Here is the configuration:

Go to the configuration of the EIGRP process and use the distribute-list command to see your options. As you can see we can choose between an access-list, a prefix-list or a route-map. Let’s start with the access-list. You are probably familiar with the concept of access-lists if you studied CCNA.

Forum Replies

Hey, what is the difference in using route-maps or access-lists or prefixlists when applied to distribute-list ? they all do the same in regards to filtering routes in ospf or eigrp ? are there any minor difference between those ? can you please explain in detail. Thank you.

Hi Rene, I have a question regarding recusive routing and the filtering of routing interfaces.
I have a network similar to the one shown in the EIGRP Route-MAP Filtering lesson. The difference I have in my network is that the Tunnel areas has two ASAs so that if the primary route fails routing information can be sent over a tunnel to the remote site via the internet. Routing on this network is provided bt EIGRP. Currently when the primary route fails the link that goes over the internet goes into recursive routing and fails.

We can place access-list on “in” or “out” I looked up the following which says standard access list should be placed near destination.

Standard Access Control List (ACL) filters the traffic based on source IP address. Therefore a Standard Access Control List (ACL) must be placed on the router which is near to the destination network/host where it is denied. If we place the Standard Access Control List (ACL) near to source of the traffic, there is a chance for denial or other legitimate tr

So it seems to me that Best Practice here is just a starting point. Once you get enough knowledge you can be even more efficient depending on the specific design and setup. That was what I was really getting at. I am starting to understand it so my thinking once I have the basic grasp is not held down by specific rules because rules are for the most part general in nature.

I just wanted to ask and confirm that before hand because while what I just stated is logical and common sense if your not careful and don’t ask questions there may b

New Lessons

Testimonials

Very Helpful

Very good explanations, which are accurate and to the point. Thanks Rene!

Aata El HamssSystem DesignerApril 15, 2016

Passed CCNP SWITCH

I was very frustrated when I first failed my CCNP SWITCH after 1 year of book study. Then started studying with NetworkLessons.com and passed my CCNP switch exactly 3 months later. Now I am studying for CCNP Routing, and I am no longer studying books, but doing practical training under Rene's guidance.

Machiel de ManNetwork TechnicianSeptember 22, 2018

Perfect & Wonderful!

This website is very helpful in term of the beginner and advance lesson to get Cisco Certificates. Start the basic of each lesson then practices, Question and Answer are available online so that it's really helpful in case of any doubts, Many more, etc.

Makara NGYIT ManagerOctober 30, 2015

A Fountain of Knowledge!

Networklessons.com is a fountain of knowledge to those who seek for excellence and success in life in the fields of networking. It's a good foundation to any candidate seeking certification from CCNA to CCIE. I have been searching a lot for network review materials and many people make networking sound difficult. When I came across Networklessons.com, topics are explained in a more comprehensible way. The course material is easy to understand even the most difficult and complicated topics. Then everything comes into light. I found Networklessons.com very comprehensible and valuable!

Stanley PaezNetwork SpecialistJanuary 14, 2016

Great Work!

It's like a spoon feeding type of tutorial. Thanks!

Don DrujaNetwork EngineerNovember 10, 2015

Passed my CCNA

The lessons are very well explained in simple terms. I passed my CCNA from studying from this site! The videos are very educative. NetworkLessons.com is a great e-learning site which explains simplified and precise.

Lamin J. CeesayTechnicianAugust 1, 2017

Career Changing

No exaggeration to say I wouldn't be where I am without the help of Networklessons.com and Rene's guides. All these have allowed me to quickly understand concepts in the production environment and for studying towards exams also. Look forward to upcoming updates!

Rob CainNetwork EngineerJanuary 28, 2016

Fantastic

I found NetworkLessons.com when I was trying to find a solution to understand some networking concepts. René is doing a fantastic job explaining complex subjects in a simple way. I really recommend everyone to become a member. NetworkLessons.com gives valuable advice to become CCIE. Thank you so much!

Juliano V. LopesTechnical DesignerApril 3, 2018

Really Helped Getting my CCIE

The lessons and explanations of NetworkLessons.com are presented in a very simple way that its easier to absorb than other sources and to get the hang of it. NetworkLessons.com has really helped me with my CCIE certification. Thanks!

I feel Rene is very helpful especially when I need help in my job in Cisco. My previous experience is with Linux systems and any open-source projects, creating various services ranging from DNS, Web services to OpenVPN, and OpenRadius. Plus maintaining security of servers. I am currently working at a Stocks Exchange Software company, which requires me to have knowledge both in Cisco, and Unix. I have some basic knowledge on Cisco, however my job requires to have more in-depth knowledge especially in multicast. One thing I love in enrolling on Network Lessons is because of Rene, I feel he is a very helpful and talented Cisco Network Engineer. Hopefully I will learn a lot on Cisco and he may help me, since I started to love Cisco.

Chester Ng NgoUnix Administrator / IT SupportNovember 18, 2015

Genuine Videos

I have had the pleasure of being in Rene classroom presentations a few years ago. It looks like his videos on NetworkLessons.com are actually taped in a real live class. He is just that kind of guy (the greatest). Thanks!